ui progressing

This commit is contained in:
master
2026-02-20 23:32:20 +02:00
parent ca5e7888d6
commit 1ec797d5e8
191 changed files with 32771 additions and 6504 deletions


@@ -1,7 +1,7 @@
# UI v2 Rewire (Canonical Planning Set)
This directory contains two things:
- Raw iterative design packs (`pack-01.md` ... `pack-21.md`)
- Raw iterative design packs (`pack-01.md` ... `pack-22.md`)
- Cleansed planning inputs for sprint decomposition
Use these files as the planning entrypoint:
@@ -14,6 +14,7 @@ S00 package files:
- `S00_sprint_spec_package.md` - detailed S00 sprint spec with acceptance criteria
- `S00_contract_ledger_template.md` - reusable endpoint contract ledger template
- `S00_endpoint_contract_ledger_v1.md` - starter ledger sheet for immediate use
- `S00_endpoint_contract_ledger_v2_pack22.md` - Pack 22 contract delta and backend dependency baseline
## Precedence policy
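Review bot: The added `S00_endpoint_contract_ledger_v2_pack22.md` entry sits directly under `S00_endpoint_contract_ledger_v1.md`, which this list still describes as the "starter ledger sheet for immediate use", while the new ledger's own header calls v1 the historical baseline for pre-Pack-22 structure. Reword the v1 line to mark it historical so that readers of this list pick the v2 ledger for Pack 22 work.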
@@ -24,7 +25,7 @@ A higher pack that does not define a screen in detail does not erase the latest
## Raw materials
Raw packs are preserved as historical input and should not be used directly as the source of truth for sprint planning:
- `pack-01.md` ... `pack-21.md`
- `pack-01.md` ... `pack-22.md`
- `prompt.txt`
## Planning rule
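Review bot: The raw-pack range now ends at `pack-22.md`, but files in this same commit cite `pack-23.md` as a source: the Platform / Integrations and Platform / Ops rows of the new ledger, and the Global IA row of the authority matrix. Either extend the range to cover `pack-23.md` or drop those references. Otherwise an authoritative pack is missing from the listed raw inputs.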


@@ -0,0 +1,46 @@
# S00 Endpoint Contract Ledger v2 (Pack 22 Delta)
Status: Active baseline for Pack 22 migration (run-detail companion shipped)
Date: 2026-02-20
Working directory: `docs/modules/ui/v2-rewire`
Template source: `S00_contract_ledger_template.md`
Supersedes for new IA planning: `S00_endpoint_contract_ledger_v1.md` remains historical baseline for pre-Pack-22 structure.
## Status class definitions
| Status class | Meaning |
| --- | --- |
| `EXISTS_COMPAT` | Endpoint exists and is compatible with Pack 22 screen needs without schema change. |
| `EXISTS_ADAPT` | Endpoint exists but requires schema additions, filter/sort extensions, or composition changes for Pack 22. |
| `MISSING_NEW` | No endpoint exists; must be designed and implemented before the consuming sprint can complete. |
## Ledger
| Domain | Screen/Page | Canonical source refs | Current route/page | Current endpoint candidate(s) | Status | Owner module | Auth scope impact | Schema delta summary | Decision/risk notes | Action ticket |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Global context | Region/Environment top-bar selectors and persistence | `source-of-truth.md 2.2`, `pack-22.md 3`, `authority-matrix.md A` | Canonical v3 top-bar context route family under `/api/v2/context/*` | `GET /api/v2/context/regions`; `GET /api/v2/context/environments?regions=`; `GET /api/v2/context/preferences`; `PUT /api/v2/context/preferences` | `EXISTS_COMPAT` | `Platform` | New read/write scope pair (`platform.context.read`, `platform.context.write`) implemented in Platform auth policy map | Shipped in sprint `SPRINT_20260220_018` with migration `047_GlobalContextAndFilters.sql` (`platform.context_regions`, `platform.context_environments`, `platform.ui_context_preferences`) and deterministic ordering indexes | FE top-bar context cutover unblocked for contract baseline; keep v1 aliases for unrelated surfaces during transition | `S22-T01-CTX-01` |
| Dashboard | Mission control posture | `source-of-truth.md 3.2`, `pack-22.md 5`, `pack-16.md` | `/`, `/dashboard` | Existing `GET /api/v1/dashboard/summary` plus policy/scanner aggregates | `EXISTS_ADAPT` | `Platform` | Reuse viewer scopes | Extend dashboard payload with blocked promotion reasons, hotfix lane, evidence posture summary, quick-action counters | Keep `/api/v1/dashboard/summary` alias while adding `/api/v2/dashboard/posture` | `S22-T02-DASH-01` |
| Releases | Releases list (standard + hotfix) | `source-of-truth.md 3.3`, `pack-22.md 5` | `/release-control/releases` (legacy) | `GET /api/v2/releases`; fallback composition from `/api/v1/release-control/bundles`, `/api/v1/approvals` | `EXISTS_COMPAT` | `Platform` + `ReleaseOrchestrator` | Existing `orch:read` plus release list scope alias (policy mapped via `platform.releasecontrol.read`) | Shipped release type, gate summary, risk delta, and region/env filters in deterministic read-model projection backed by migration `048_ReleaseReadModels.sql` | B22-02 shipped list contract; maintain legacy routes until B22-06 deprecation telemetry pass | `S22-T03-REL-01` |
| Releases | Release detail tabs (overview/timeline/deploy/security/evidence/audit) | `source-of-truth.md 3.3`, `pack-22.md 5`, `pack-13.md`, `pack-14.md`, `pack-17.md` | Split across `/release-control/*`, `/deployments/*`, `/approvals/*` | `GET /api/v2/releases/{releaseId}`; `GET /api/v2/releases/{releaseId}/timeline`; `GET /api/v2/releases/{releaseId}/deployments`; `GET /api/v2/releases/{releaseId}/security`; `GET /api/v2/releases/{releaseId}/evidence`; `GET /api/v2/releases/{releaseId}/audit` | `EXISTS_ADAPT` | `Platform` + `ReleaseOrchestrator` + `Policy` + `Scanner` + `EvidenceLocker` | Existing read scopes; add composite read policy | Base detail endpoint `GET /api/v2/releases/{releaseId}` now ships summary+versions+recent activity+approvals projection with correlation keys from migration `048`; tab-specific sub-endpoints remain pending | Partial closure in B22-02; keep row open for timeline/deploy/security/evidence/audit endpoint split completion | `S22-T03-REL-02` |
| Releases | Run detail provenance tabs (timeline/gate/approvals/deployments/security-inputs/evidence/rollback/replay) | `source-of-truth.md 3.3`, `pack-22.md 5`, `docs/implplan/SPRINT_20260220_022_FE_pack22_run_detail_provenance_contract.md` | `/releases/runs/:runId` (target canonical route) | `GET /api/v2/releases/runs/{runId}`; `GET /api/v2/releases/runs/{runId}/timeline`; `GET /api/v2/releases/runs/{runId}/gate-decision`; `GET /api/v2/releases/runs/{runId}/approvals`; `GET /api/v2/releases/runs/{runId}/deployments`; `GET /api/v2/releases/runs/{runId}/security-inputs`; `GET /api/v2/releases/runs/{runId}/evidence`; `GET /api/v2/releases/runs/{runId}/rollback`; `GET /api/v2/releases/runs/{runId}/replay`; `GET /api/v2/releases/runs/{runId}/audit` | `EXISTS_COMPAT` | `Platform` + `ReleaseOrchestrator` + `Policy` + `Scanner` + `EvidenceLocker` + `Attestor` | Existing read scopes plus v1 alias reads for cutover compatibility | Shipped in `SPRINT_20260220_023` with deterministic run-detail contracts and migrations `052_RunInputSnapshots.sql` through `056_RunCapsuleReplayLinkage.sql` | FE sprint `SPRINT_20260220_022` unblocked for tab-by-tab binding; monitor alias telemetry before removing legacy v1 reads | `S23-T01-RUN-01` |
| Releases | Activity (cross-release runs timeline) | `source-of-truth.md 3.3`, `pack-22.md 5`, `pack-14.md` | `/release-control/runs` (legacy) | `GET /api/v2/releases/activity` with filters; fallback from `/api/v1/runs/*` | `EXISTS_COMPAT` | `ReleaseOrchestrator` + `Platform` | Existing `orch:read` | Shipped cross-release activity projection with correlation keys + region/env filters from deterministic read-model composition | Deterministic order enforced by `occurredAt DESC` + stable `activityId` tie-break | `S22-T03-REL-03` |
| Releases | Approvals queue (cross-release) | `source-of-truth.md 3.3`, `pack-22.md 5`, `pack-17.md` | `/release-control/approvals` (legacy) | Existing `/api/v1/approvals`; add `/api/v2/releases/approvals` alias with richer metadata | `EXISTS_COMPAT` | `Policy` + `ReleaseOrchestrator` + `Platform` | Existing reviewer/approver scopes (`orch:read` path for queue projection) | Shipped release identity fields, blocker summaries, and region/env filters in `/api/v2/releases/approvals` projection | Single queue UX dependency unblocked for FE contract migration; v1 approvals endpoint remains for backward compatibility | `S22-T03-REL-04` |
| Topology | Regions, Environments, Targets/Hosts, Agents | `source-of-truth.md 3.4`, `pack-22.md 5`, `pack-18.md` | Legacy under `/release-control/regions`, `/platform-ops/agents`, `/integrations/hosts` | `GET /api/v2/topology/regions`; `GET /api/v2/topology/environments`; `GET /api/v2/topology/targets`; `GET /api/v2/topology/hosts`; `GET /api/v2/topology/agents` | `EXISTS_COMPAT` | `Platform` + `ReleaseOrchestrator` + `Integrations` | `platform.topology.read` policy now mapped to existing `orch:read` scope in Platform auth wiring | Shipped migration `049_TopologyInventory.sql` with normalized region/environment/target/host/agent projection tables and sync watermark tracking | Duplicate inventory placement can now be removed from Integrations/Operations nav during FE route migration | `S22-T04-TOP-01` |
| Topology | Promotion Paths, Workflows, Gate Profiles | `source-of-truth.md 3.4`, `pack-22.md 5`, `pack-13.md` | Legacy setup pages under `/release-control/setup/*` | `GET /api/v2/topology/promotion-paths`; `GET /api/v2/topology/workflows`; `GET /api/v2/topology/gate-profiles`; write routes in follow-up sprint | `EXISTS_COMPAT` | `ReleaseOrchestrator` + `Policy` + `Platform` | Topology read policy uses existing `orch:read` scope; write-authoring scopes stay in module-owned follow-up routes | Shipped deterministic read projections for paths/workflows/gate profiles with region/environment filters; write contracts remain follow-up scope | FE can consume read contracts now; explicit write routes can phase in a subsequent sprint without blocking Pack 22 IA cutover | `S22-T04-TOP-02` |
| Security | Findings unified explorer with pivots | `source-of-truth.md 3.5`, `pack-22.md 5`, `pack-19.md` | `/security-risk/findings`, `/security-risk/vulnerabilities`, `/security-risk/reachability` | `GET /api/v2/security/findings`; legacy `/api/v1/security/findings` and `/api/v1/security/vulnerabilities` retained during migration | `EXISTS_COMPAT` | `Scanner` + `Platform` | `platform.security.read` mapped to existing `findings:read` viewer scope in Platform policy map | Shipped pivot/facet schema (CVE/package/component/release/environment), disposition summary columns, and deterministic filter/sort envelope in B22-04 | Legacy endpoints stay available through cutover window; FE security explorer can migrate to v2 contract | `S22-T05-SEC-01` |
| Security | Disposition (VEX + Exceptions UX join) | `source-of-truth.md 2.3`, `source-of-truth.md 3.5`, `pack-22.md 5` | `/security-risk/vex`, `/security-risk/exceptions` (legacy split) | `GET /api/v2/security/disposition`; `GET /api/v2/security/disposition/{findingId}`; exception/VEX writes remain module-owned routes | `EXISTS_COMPAT` | `Policy` + `Scanner` + `Platform` | `platform.security.read` mapped to `findings:read` for read projection; exception/VEX writes keep module approval scopes | Shipped migration `050_SecurityDispositionProjection.sql` for read-only disposition projection joining VEX state and exception state | Write authority boundaries preserved by design: no combined `/api/v2/security/disposition/exceptions` POST route in Platform | `S22-T05-SEC-02` |
| Security | SBOM Explorer (table/graph/diff) | `source-of-truth.md 2.3`, `source-of-truth.md 3.5`, `pack-22.md 5` | `/security-risk/sbom`, `/security-risk/sbom-lake` | `GET /api/v2/security/sbom-explorer?mode=table|graph|diff` with release compare filters | `EXISTS_COMPAT` | `Scanner` + `Graph` + `Platform` | `platform.security.read` mapped to existing `findings:read` viewer scope | Shipped unified response envelope for table/graph/diff views with deterministic diff composition from migration `050` projection objects | Enables FE to collapse dual SBOM routes onto one v2 explorer contract | `S22-T05-SEC-03` |
| Evidence | Evidence packs, audit, replay linkage from Releases/Security | `source-of-truth.md 3.6`, `pack-22.md 5`, `pack-20.md` | `/evidence-audit/*` (legacy) | Existing `/api/v1/evidence/*`; add release/finding correlation filters on `/api/v2/evidence/*` | `EXISTS_ADAPT` | `EvidenceLocker` + `Attestor` + `Platform` | Existing evidence read scopes | Add optional filters (`releaseId`, `findingId`, `approvalId`) and deterministic pagination | Ensures inline evidence references across modules | `S22-T06-EVID-01` |
| Platform / Integrations | Advisory feeds and VEX source setup + health/activity | `source-of-truth.md 2.3`, `source-of-truth.md 3.8`, `pack-23.md 2`, `pack-10.md` | `/platform/integrations/feeds` | `GET /api/v2/integrations/feeds`; `GET /api/v2/integrations/vex-sources`; legacy `/api/v1/integrations/*` retained during migration | `EXISTS_COMPAT` | `Integrations` + `Concelier` + `Platform` | `platform.integrations.read` mapped to `advisory:read`; `platform.integrations.vex.read` mapped to `vex:read` | Shipped source-type discriminator plus status/freshness/last-sync metadata and Security/Dashboard consumer hints, backed by migration `051_IntegrationSourceHealth.sql` | Integrations setup + health routes are now v2-ready for FE cutover while legacy aliases remain available during transition | `S22-T07-INT-01` |
| Platform / Ops | Platform health/data integrity/offline/scheduler | `source-of-truth.md 3.7`, `pack-23.md 2`, `pack-15.md` | `/platform/ops/*` | Existing `/api/v1/platform/data-integrity/*`, scheduler/orchestrator/health routes | `EXISTS_COMPAT` | `Platform` + `Scheduler` + `Orchestrator` | Existing ops scopes | No schema change required for baseline migration; route names will change in FE | Keep aliases from old path prefix during cutover | `S22-T08-OPS-01` |
| Administration | Identity/tenant/notifications/usage/policy/system | `source-of-truth.md 3.9`, `pack-22.md 5`, `pack-21.md` | `/administration/*` | Existing `/api/v1/administration/*` | `EXISTS_COMPAT` | `Platform` + `Authority` + `Policy` | Existing admin scopes | No immediate schema change in Pack 22 baseline | Track trust-posture entry points from Evidence as FE task | `S22-T09-ADM-01` |
## Sign-off requirement
Before readiness closure, frontend and backend leads must confirm:
- All `MISSING_NEW` rows are shipped or formally deferred with owner/date.
- `EXISTS_ADAPT` rows have accepted schema and alias compatibility tests.
- No Pack 22 authority screen remains unclassified.
Sign-off output should be captured in an updated handoff packet after the first Pack 22 implementation wave.
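Review bot: The Auth scope impact column is too vague on the two cross-module Releases rows. The release-detail row says only "Existing read scopes; add composite read policy" and the run-detail row "Existing read scopes plus v1 alias reads for cutover compatibility", yet both expose `/security`, `/security-inputs` and `/evidence` sub-resources owned by Scanner, EvidenceLocker and Attestor. Other rows name the mapping explicitly (for example `platform.security.read` mapped to `findings:read`). Do the same here and state whether `orch:read` alone is meant to reach the security and evidence tabs, so the composed endpoints do not grant broader read access than the owning modules do. Separately, the release-detail row is `EXISTS_ADAPT` while its tab-specific sub-endpoints "remain pending", and no row is classed `MISSING_NEW`, which leaves the first sign-off bullet with nothing to check. Consider splitting the pending tab endpoints into their own `MISSING_NEW` row.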


@@ -1,183 +1,97 @@
# S00 Route Deprecation Map
# S00 Route Deprecation Map (Pack 22 Canonical)
Status: Frozen baseline
Date: 2026-02-18
Working directory: `docs/modules/ui/v2-rewire`
Canonical source: `source-of-truth.md`, `authority-matrix.md`
Status: Active
Date: 2026-02-20
Working directory: `docs/modules/ui/v2-rewire`
Canonical source: `source-of-truth.md`, `pack-22.md`
## Purpose
Complete route baseline mapping current v1 canonical paths to v2 target IA families.
Every major route family must have exactly one migration action.
This map governs all implementation in sprints 006 through 016.
Define deterministic route migration from pre-Pack22 root families to Pack22 canonical IA:
## Route action definitions
- `/dashboard`
- `/releases` (run-centric subroots under `/releases/versions*` and `/releases/runs*`)
- `/security` (workspace subroots under `/security/overview`, `/security/triage`, `/security/advisories-vex`, `/security/supply-chain-data/*`)
- `/evidence` (capsule-first subroots under `/evidence/overview`, `/evidence/capsules`, `/evidence/exports/export`, `/evidence/verification/*`)
- `/topology`
- `/platform` (setup/ops/integrations canonical root; legacy `/operations`, `/integrations`, `/administration` are alias-window routes)
## Action definitions
| Action | Meaning |
| --- | --- |
| `keep` | Path and semantics are unchanged; no migration work required. |
| `redirect` | Current path redirects to v2 canonical target; old path is no longer authoritative. |
| `alias` | Current path remains active and resolves to the same content as canonical; both paths are valid during the migration window. Planned for removal after cutover. |
| `remove-later` | Path is superseded; leave as redirect stub until traffic confirms safety, then remove in sprint 016. |
| `canonical` | Route family is authoritative and must be used by nav and breadcrumbs. |
| `redirect` | Legacy route redirects to canonical route. |
| `alias-window` | Legacy route remains temporarily available and is tracked via alias telemetry. |
## Section 1 — Root domain family migrations
## Root family mapping
These are the highest-priority mappings because they affect top-level navigation and all deep links.
| Current v1 path family | v2 canonical target family | Action | Notes |
| --- | --- | --- | --- |
| `/` (control-plane landing) | `/dashboard` | `redirect` | Current Control Plane becomes Dashboard v3 landing. Sprint 012 implements target. |
| `/security/*` | `/security-risk/*` | `redirect` + temporary `alias` | High-traffic. Alias `/security/*` during sprint 014 window; remove in sprint 016. |
| `/operations/*` | `/platform-ops/*` | `redirect` + temporary `alias` | Ops team bookmarks. Alias during sprint 008 window; remove in sprint 016. |
| `/evidence/*` | `/evidence-audit/*` | `redirect` + temporary `alias` | Alias during sprint 015 window; remove in sprint 016. |
| `/policy/*` | `/administration/policy-governance/*` | `redirect` | Ownership change. High risk; enforce breadcrumb and ownership labels per nav policy. |
| `/settings/*` (admin subset) | `/administration/*` | `redirect` | Split: admin sub-paths go to `/administration/*`; integration sub-paths go to `/integrations/*`. |
| `/settings/integrations/*` | `/integrations/*` | `redirect` | Integrations becomes a canonical root domain. |
| `/integrations/*` (current shallow root) | `/integrations/*` (v2 canonical root) | `keep` | Route family stays. Sprint 008 expands content and taxonomy. |
| `/approvals/*` | `/release-control/approvals/*` | `redirect` + temporary `alias` | Alias `/approvals/*` for operator convenience during cutover; remove in sprint 016. |
| `/releases/*` | `/release-control/releases/*` | `redirect` + temporary `alias` | High-traffic operator route. Alias during sprints 010-016 window. |
| `/environments/*` | `/release-control/environments/*` | `redirect` | Medium risk. |
| `/deployments/*` | `/release-control/deployments/*` | `redirect` | Medium risk. |
| `/analytics/*` | `/security-risk/analytics/*` | `redirect` | Analytics is consumed under Security & Risk. |
## Section 2 — Settings sub-family migrations
All settings sub-paths have a final canonical owner under Administration or Integrations.
| Current v1 path | v2 target | Action | Sprint |
| --- | --- | --- | --- |
| `/settings/admin/users` | `/administration/identity-access/users` | `redirect` | 007 |
| `/settings/admin/roles` | `/administration/identity-access/roles` | `redirect` | 007 |
| `/settings/admin/tenants` | `/administration/identity-access/tenants` | `redirect` | 007 |
| `/settings/admin/clients` | `/administration/identity-access/clients` | `redirect` | 007 |
| `/settings/admin/tokens` | `/administration/identity-access/tokens` | `redirect` | 007 |
| `/settings/admin/branding` | `/administration/tenant-branding` | `redirect` | 007 |
| `/settings/admin/:page` | `/administration/:page` | `redirect` (catch-all) | 007 |
| `/settings/trust/*` | `/administration/trust-signing/*` | `redirect` | 007 |
| `/settings/notifications/*` | `/administration/notifications/*` | `redirect` | 007 |
| `/settings/security-data/trivy` | `/integrations/feeds/trivy` | `redirect` | 008 |
| `/settings/sbom-sources/*` | `/integrations/sbom-sources/*` | `redirect` | 008 |
| `/settings/workflows/*` | `/administration/system/workflows` | `redirect` | 007 |
| `/settings/profile` | `/administration/profile` | `alias` | 007 (keep; `/administration/profile` is canonical) |
| `/settings/configuration-pane` | `/administration/system/configuration` | `redirect` | 007 |
## Section 3 — Evidence & Audit sub-family migrations
| Current v1 path | v2 target | Action | Sprint |
| --- | --- | --- | --- |
| `/evidence` | `/evidence-audit` | `redirect` + alias | 015 |
| `/evidence/audit` | `/evidence-audit/audit` | `redirect` | 015 |
| `/evidence/packs/*` | `/evidence-audit/packs/*` | `redirect` | 015 |
| `/evidence/proofs/*` | `/evidence-audit/proofs/*` | `alias` | 015 (permanent convenience alias for external linking) |
| `/evidence/change-trace/*` | `/evidence-audit/change-trace/*` | `redirect` | 015 |
| `/evidence/receipts/cvss/*` | `/evidence-audit/receipts/cvss/*` | `redirect` | 015 |
| `/evidence-thread/*` | `/evidence-audit/thread/*` | `redirect` | 015 |
| `/timeline/*` | `/evidence-audit/timeline/*` | `redirect` | 015 |
## Section 4 — Platform Ops sub-family migrations
| Current v1 path | v2 target | Action | Sprint |
| --- | --- | --- | --- |
| `/operations/feeds/*` | `/platform-ops/data-integrity/feeds/*` | `redirect` | 008 |
| `/operations/orchestrator/*` | `/platform-ops/orchestrator/*` | `redirect` | 008 |
| `/operations/health` | `/platform-ops/health` | `redirect` | 008 |
| `/operations/quotas/*` | `/platform-ops/quotas/*` | `redirect` | 008 |
| `/operations/slo` | `/platform-ops/data-integrity/slo` | `redirect` | 008 |
| `/operations/dead-letter` | `/platform-ops/orchestrator/dead-letter` | `redirect` | 008 |
| `/operations/aoc` | `/platform-ops/aoc` | `redirect` | 008 |
| `/operations/doctor` | `/platform-ops/doctor` | `redirect` | 008 |
| `/operations/offline-kit/*` | `/platform-ops/offline-kit/*` | `redirect` | 008 |
| `/operations/agents/*` | `/platform-ops/agents/*` | `redirect` | 008 |
| `/operations/scanner/*` | `/platform-ops/scanner/*` | `redirect` | 008 |
| `/operations/packs/*` | `/platform-ops/pack-registry/*` | `redirect` | 008 |
| `/operations/signals/*` | `/platform-ops/signals/*` | `redirect` | 008 |
| `/operations/ai-runs/*` | `/platform-ops/ai-runs/*` | `redirect` | 008 |
| `/operations/notifications` | `/administration/notifications` | `redirect` | 007 (ownership change) |
| `/operations/status` | `/administration/system/status` | `redirect` | 007 (ownership change) |
## Section 5 — Release Control sub-family migrations
| Current v1 path | v2 target | Action | Sprint |
| --- | --- | --- | --- |
| `/releases` | `/release-control/releases` | `redirect` + alias | 010 |
| `/releases/:id` | `/release-control/releases/:id` | `redirect` | 010 |
| `/approvals` | `/release-control/approvals` | `redirect` + alias | 011 |
| `/approvals/:id` | `/release-control/approvals/:id` | `redirect` | 011 |
| `/environments` | `/release-control/environments` | `redirect` | 013 |
| `/environments/:id` | `/release-control/environments/:id` | `redirect` | 013 |
| `/deployments/*` | `/release-control/deployments/*` | `redirect` | 010 |
| (new) `/release-control/bundles/*` | `/release-control/bundles/*` | `new (implemented)` | 20260219_003 |
## Section 6 — Security & Risk sub-family migrations
| Current v1 path | v2 target | Action | Sprint |
| --- | --- | --- | --- |
| `/security` | `/security-risk` | `redirect` + alias | 014 |
| `/security/findings/*` | `/security-risk/findings/*` | `redirect` | 014 |
| `/security/vulnerabilities/*` | `/security-risk/vulnerabilities/*` | `redirect` | 014 |
| `/security/sbom/graph` | `/security-risk/sbom/graph` | `redirect` | 014 |
| `/security/lineage/*` | `/security-risk/lineage/*` | `redirect` | 014 |
| `/security/reachability` | `/security-risk/reachability` | `redirect` | 014 |
| `/security/risk` | `/security-risk/risk` | `redirect` | 014 |
| `/security/artifacts/*` | `/security-risk/artifacts/*` | `redirect` | 014 |
| `/security/vex/*` | `/security-risk/vex/*` | `redirect` | 014 |
| `/security/unknowns` | `/security-risk/unknowns` | `redirect` | 014 |
| `/security/patch-map` | `/security-risk/patch-map` | `redirect` | 014 |
| `/security/scans/*` | `/security-risk/scans/*` | `redirect` | 014 |
| (new) `/security-risk/advisory-sources` | `/security-risk/advisory-sources` | `new (implemented)` | 20260219_004 |
## Section 7 — Administration sub-family migrations
| Current v1 path | v2 target | Action | Sprint |
| --- | --- | --- | --- |
| `/policy/governance` | `/administration/policy-governance` | `redirect` | 007 |
| `/policy/exceptions/*` | `/administration/policy-governance/exceptions/*` | `redirect` | 007 |
| `/policy/packs/*` | `/administration/policy-governance/packs/*` | `redirect` | 007 |
| `/admin/trust/*` | `/administration/trust-signing/*` | `redirect` | 007 |
| `/admin/audit` | `/evidence-audit/audit` | `redirect` | 015 |
| `/admin/notifications` | `/administration/notifications` | `redirect` | 007 |
| `/admin/policy/governance` | `/administration/policy-governance` | `redirect` | 007 |
| `/admin/policy/simulation` | `/administration/policy-governance/simulation` | `redirect` | 007 |
| `/admin/registries` | `/integrations/registries` | `redirect` | 008 |
| `/admin/issuers` | `/administration/trust-signing/issuers` | `redirect` | 007 |
| `/admin/vex-hub/*` | `/security-risk/vex/*` | `redirect` | 014 |
## Section 8 — Remove-later candidates
Paths that are stale and should be removed after traffic confirmation:
| Path | Current state | Proposed timeline |
| Legacy root family | Canonical target | Action |
| --- | --- | --- |
| `/home` | Already redirects to `/` | Sprint 016: confirm and remove from app.routes |
| `/orchestrator/*` | Already redirects to `/operations/*` → sprint 008 will update to `/platform-ops/*` | Sprint 016 |
| `/release-orchestrator/*` | Already redirects to root routes | Sprint 016 |
| `/ops/*` | Already redirects to `/operations/*` → sprint 008 will update | Sprint 016 |
| `/console/*` | Already redirects to `/settings/*` → sprint 007 will update to `/administration/*` | Sprint 016 |
| `/triage/*` | Already redirects to `/security/*` → sprint 014 will update | Sprint 016 |
| `/qa/*` (internal workbenches) | Internal tooling; keep as `alias` long-term | No sprint 016 removal |
| `/release-control/*` | split between `/releases/*` and `/topology/*` | `redirect` + `alias-window` |
| `/security-risk/*` | `/security/*` | `redirect` + `alias-window` |
| `/evidence-audit/*` | `/evidence/*` | `redirect` + `alias-window` |
| `/platform-ops/*` | `/platform/ops/*` | `redirect` + `alias-window` |
| `/operations/*` (old ops shell) | `/platform/ops/*` | `redirect` + `alias-window` |
| `/integrations/*` (legacy root) | `/platform/integrations/*` | `redirect` + `alias-window` |
| `/administration/*` (legacy root) | `/platform/setup/*` | `redirect` + `alias-window` |
| `/settings/release-control/*` | `/topology/*` | `redirect` |
## Section 9 — High-risk deep-link mitigation
## Release Control decomposition
| Risk | Mitigation |
| --- | --- |
| `/approvals/:id` bookmarks (operators) | Alias `/approvals/:id` until sprint 016 cutover confirmation. |
| `/releases/:id` links from CI/CD notifications | Alias `/releases/:id` until sprint 016. Log alias traffic before removal. |
| `/settings/trust/*` from admin-written runbooks | Update internal runbooks in sprint 007 alongside redirect implementation. |
| `/policy/*` ownership migration confuses policy authors | Apply transition labels in sprint 007 alongside redirect; breadcrumb shows `Administration > Policy Governance`. |
| `/operations/*` ops-team dashboards with hardcoded links | Announce alias window in release notes. Alias during sprint 008-016 window. |
| Legacy path | Canonical target | Action |
| --- | --- | --- |
| `/release-control/releases` | `/releases/runs` | `redirect` |
| `/release-control/releases/:id` | `/releases/runs/:id/timeline` | `redirect` |
| `/release-control/approvals` | `/releases/approvals` | `redirect` |
| `/release-control/runs` | `/releases/runs` | `redirect` |
| `/release-control/deployments` | `/releases/runs` | `redirect` |
| `/release-control/promotions` | `/releases/runs` | `redirect` |
| `/release-control/hotfixes` | `/releases/hotfix` | `redirect` |
| `/release-control/regions` | `/topology/regions` | `redirect` |
| `/release-control/setup` | `/platform/setup` | `redirect` |
| `/release-control/setup/environments-paths` | `/topology/environments` | `redirect` |
| `/release-control/setup/targets-agents` | `/topology/targets` | `redirect` |
| `/release-control/setup/workflows` | `/platform/setup/workflows-gates` | `redirect` |
## Section 10 — Activation sequence
## Security consolidation
| Sprint | Routes activated / aliases established |
| --- | --- |
| 006 | Root nav + canonical domain route trees; alias existing roots to new domains |
| 007 | Administration domain routes; redirect `/settings/admin/*`, `/policy/*`, `/admin/*` paths |
| 008 | Integrations and Platform Ops routes; redirect `/operations/*`, `/settings/integrations/*` paths |
| 009 | Bundle routes under `/release-control/bundles/*` (new) |
| 010 | Release and promotion routes; redirect `/releases/*`, `/deployments/*` |
| 011 | Approvals routes; alias `/approvals/*` to `/release-control/approvals/*` |
| 012 | Dashboard v3; redirect `/` and update home behavior |
| 013 | Environment detail routes; redirect `/environments/*` |
| 014 | Security & Risk routes; alias `/security/*` |
| 015 | Evidence & Audit routes; alias `/evidence/*` |
| 016 | Remove all `alias` and `remove-later` temporary paths; publish cutover confirmation |
| Legacy path | Canonical target | Action |
| --- | --- | --- |
| `/security-risk` | `/security/overview` | `redirect` |
| `/security-risk/findings*` | `/security/triage*` | `redirect` |
| `/security-risk/vulnerabilities*` | `/security/triage*` | `redirect` |
| `/security-risk/vex` | `/security/advisories-vex` | `redirect` |
| `/security-risk/exceptions` | `/security/advisories-vex` | `redirect` |
| `/security-risk/sbom` | `/security/supply-chain-data/graph` | `redirect` |
| `/security-risk/sbom-lake` | `/security/supply-chain-data/lake` | `redirect` |
| `/security-risk/advisory-sources` | `/platform/integrations/feeds` | `redirect` |
## Evidence and Operations renames
| Legacy path | Canonical target | Action |
| --- | --- | --- |
| `/evidence-audit` | `/evidence/overview` | `redirect` |
| `/evidence-audit/packs*` | `/evidence/capsules*` | `redirect` |
| `/evidence-audit/audit-log` | `/evidence/audit-log` | `redirect` |
| `/evidence-audit/replay` | `/evidence/verification/replay` | `redirect` |
| `/platform-ops` | `/platform/ops` | `redirect` |
| `/platform-ops/data-integrity` | `/platform/ops/data-integrity` | `redirect` |
| `/platform-ops/orchestrator*` | `/platform/ops/orchestrator*` | `redirect` |
| `/platform-ops/agents` | `/topology/agents` | `redirect` |
## Telemetry expectations
- Legacy alias hits must emit deterministic `legacy_route_hit` telemetry with:
- `oldPath`,
- `newPath`,
- tenant/user context metadata.
- Alias telemetry must remain active until Pack22 cutover approval.
## Cutover checkpoint
Before alias removal:
- Legacy hit rate for `/release-control/*`, `/security-risk/*`, `/evidence-audit/*`, `/platform-ops/*` is reviewed.
- Route-to-endpoint matrix in `docs/qa/` confirms canonical routes are using Pack22 endpoints.
- Sprint closure notes record alias telemetry evidence and final removal plan.
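Review bot: The root family mapping reverses redirects that the replaced map defined, and nothing here says the old ones are retired. The removed rows sent `/security/*` to `/security-risk/*`, `/evidence/*` to `/evidence-audit/*` and `/releases/*` to `/release-control/releases/*`, each with a temporary alias, and the new rows redirect in the opposite direction. Add a statement that the earlier redirects and aliases are removed in the same change, otherwise the two rule sets can loop. The rewrite also drops the `/settings/*`, `/policy/*`, `/admin/*`, `/approvals/*`, `/environments/*` and remove-later families without assigning them an action, although the old Purpose required exactly one action per major family. Under Telemetry expectations, `oldPath` and `newPath` for parameterised routes such as `/release-control/releases/:id` will carry concrete identifiers. Specify whether the route template or the resolved path is logged, and list the exact tenant/user fields instead of "context metadata".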


@@ -15,10 +15,11 @@ This file is the canonical entrypoint for planning work.
- `S00_sprint_spec_package.md`
- `S00_contract_ledger_template.md`
- `S00_endpoint_contract_ledger_v1.md`
- `S00_endpoint_contract_ledger_v2_pack22.md`
## Raw pack archive (historical inputs)
- `pack-01.md` ... `pack-21.md`
- `pack-01.md` ... `pack-22.md`
- `prompt.txt`
## Precedence reminder


@@ -1,7 +1,7 @@
# UI v2 Rewire Authority Matrix
# UI v2 Rewire Authority Matrix
Status: Canonical planning reference
Date: 2026-02-18
Date: 2026-02-20
This matrix defines which pack is authoritative for each capability and which packs are superseded.
@@ -9,56 +9,60 @@ This matrix defines which pack is authoritative for each capability and which pa
| Capability area | Authoritative pack(s) | Superseded packs | Notes |
| --- | --- | --- | --- |
| Dashboard mission board | `pack-16.md` | `pack-01.md`, `pack-04.md`, `pack-08.md`, `pack-11.md` | Keep release-centric board with SBOM/CritR/Data Integrity signals. |
| Release bundles and organizer | `pack-12.md`, `pack-21.md` | `pack-01.md`, `pack-02.md`, `pack-04.md`, `pack-08.md`, `pack-11.md` | Pack 21 sets placement; Pack 12 keeps detailed builder and lifecycle flows. |
| Releases promotion flow | `pack-13.md` | `pack-01.md`, `pack-04.md`, `pack-08.md` | Bundle-version anchored promotion model. |
| Approvals detailed decision flow | `pack-17.md` and `pack-13.md` | `pack-01.md`, `pack-04.md`, `pack-08.md` | Pack 17 overrides approval detail/tab model; Pack 13 still provides base coupling to promotions. |
| Run timeline / rollback / replay context | `pack-14.md` | Earlier implicit run views in packs 1/4/8 | Canonical run lifecycle and checkpoint model. |
| Environment detail standard | `pack-18.md` | `pack-01.md`, `pack-04.md`, `pack-08.md`, `pack-11.md` | Standardized header and env tab set. |
| Security decision-first console | `pack-19.md` plus `pack-21.md` (advisory mapping) | `pack-03.md`, `pack-07.md` | Pack 19 is base Security model; Pack 21 adds Advisory Sources split intent. |
| Evidence and audit chain | `pack-20.md` | `pack-03.md`, `pack-09.md`, `pack-11.md` | Pack 20 is authoritative except Trust ownership override from Pack 21. |
| Ops data confidence model | `pack-15.md`, `pack-21.md`, `pack-10.md` | `pack-03.md`, `pack-06.md`, `pack-09.md`, `pack-11.md` | Pack 15 defines Data Integrity; Pack 21 defines ops taxonomy; Pack 10 retains feeds/airgap detail. |
| Integrations structure | `pack-21.md`, `pack-10.md` | `pack-02.md`, `pack-05.md`, `pack-09.md` | Pack 21 sets taxonomy; Pack 10 keeps concrete hub/detail flows. |
| Administration structure | `pack-21.md` | `pack-02.md`, `pack-05.md`, `pack-09.md`, `pack-11.md` | Canonical A0..A7 admin model. |
| Global IA and naming | `pack-23.md`, `pack-22.md` | `pack-21.md` and lower for overlaps | Canonical roots are Dashboard, Releases, Security, Evidence, Topology, Platform, Administration. |
| Dashboard mission control | `pack-22.md`, `pack-16.md` | `pack-01.md`, `pack-04.md`, `pack-08.md`, `pack-11.md` | Pack 22 defines posture framing; Pack 16 keeps detailed signal cards where unchanged. |
| Releases lifecycle consolidation | `pack-22.md`, `pack-12.md`, `pack-13.md`, `pack-14.md`, `pack-17.md` | Standalone lifecycle module variants in older packs | Runs/deployments/promotions/hotfixes are views under Releases, not roots. |
| Topology inventory and setup | `pack-22.md`, `pack-18.md` | Prior placements under Release Control and Platform Ops | Regions/env/targets/hosts/agents/workflows/gate profiles belong to Topology. |
| Security consolidation | `pack-22.md`, `pack-19.md` | `pack-03.md`, `pack-07.md` and split-view variants | Findings + Disposition + SBOM Explorer as consolidated IA. |
| Evidence and audit chain | `pack-22.md`, `pack-20.md` | `pack-03.md`, `pack-09.md`, `pack-11.md` | Evidence must be linked from Releases and Security decisions. |
| Operations runtime posture | `pack-23.md`, `pack-15.md`, `pack-10.md` | `pack-03.md`, `pack-06.md`, `pack-09.md`, `pack-11.md` | Ops runs under Platform and owns runtime operability state; agents stay in Topology. |
| Integrations configuration | `pack-23.md`, `pack-10.md`, `pack-21.md` | `pack-02.md`, `pack-05.md`, `pack-09.md` | Integrations runs under Platform and is limited to external systems/connectors. |
| Administration governance | `pack-22.md`, `pack-21.md` | `pack-02.md`, `pack-05.md`, `pack-09.md`, `pack-11.md` | Identity/tenant/notification/usage/policy/system remain Administration-owned. |
## B) Explicit higher-pack overrides
| Decision | Replaced guidance | Canonical guidance |
| --- | --- | --- |
| Policy Governance location | Release Control variants in Packs 5 and 9 | `Administration -> Policy Governance` (`pack-21.md`) |
| Trust & Signing ownership | Evidence ownership in Packs 9, 11, and 20 | `Administration -> Trust & Signing` with Evidence/Security cross-links (`pack-21.md`) |
| System location | Operations Platform Admin in Pack 9, root System in Pack 11 | `Administration -> System` with Platform Ops drilldowns (`pack-21.md`) |
| Legacy Security Data split | Mixed settings-placement drafts in Packs 2/5/9/10 | Connectivity in Integrations/Ops, decision impact in Security (`pack-21.md`) |
| Root domain naming | `Release Control`, `Security & Risk`, `Evidence & Audit`, `Platform Ops` roots | `Releases`, `Security`, `Evidence`, `Platform`, plus `Topology` root (`pack-23.md`) |
| Bundle naming | Bundle-first labels in packs 12/21 | UI term is `Release`; bundle semantics remain in data model (`pack-22.md`) |
| Lifecycle menu sprawl | Standalone Promotions, Deployments, Runs, Hotfixes menus | Lifecycle surfaces live under `Releases` list/detail/activity/approvals (`pack-22.md`) |
| Region/environment nav placement | Deep menu under release-control variants | Global context selectors + Topology inventory pages (`pack-22.md`) |
| Security navigation split | Separate VEX, Exceptions, SBOM Graph, SBOM Lake menus | Consolidated `Disposition` and `SBOM Explorer` surfaces (`pack-22.md`) |
| Feed and VEX source setup placement | Security-owned advisory sources setup variants | Integrations-owned feed/source configuration (`pack-22.md`) |
| Agent module placement | Platform Ops ownership variants | `Topology -> Agents` (`pack-22.md`) |
## C) Pack lifecycle classification
| Pack | Status for planning | Primary reason |
| --- | --- | --- |
| `pack-01.md` | Superseded baseline | Early release-control draft replaced by later domain packs. |
| `pack-01.md` | Superseded baseline | Early drafts replaced by higher packs. |
| `pack-02.md` | Superseded baseline | Early settings/admin/integration placement replaced. |
| `pack-03.md` | Superseded baseline | Early security/evidence/ops model replaced by 15/19/20/21. |
| `pack-04.md` | Superseded baseline | Early Release Control model replaced by 12/13/16/17/18/21. |
| `pack-05.md` | Superseded baseline | Transitional admin/integration moves replaced by 21. |
| `pack-06.md` | Superseded baseline | Ops structure replaced by 15 and 21 taxonomy. |
| `pack-07.md` | Superseded baseline | Security model replaced by 19. |
| `pack-08.md` | Partially superseded reference | Useful as RC nesting reference only; most details replaced. |
| `pack-09.md` | Superseded baseline | Settings migration draft overridden by 21. |
| `pack-10.md` | Active partial authority | Still needed for detailed Integrations/Feeds/AirGap flows. |
| `pack-11.md` | Superseded baseline | Replaced by 12-21 and overridden by 21 on key ownerships. |
| `pack-12.md` | Active authority | Bundle organizer deep specification. |
| `pack-13.md` | Active authority | Promotion flow baseline; approvals partially overridden by 17. |
| `pack-14.md` | Active authority | Run timeline, checkpoints, rollback/replay hooks. |
| `pack-03.md` | Superseded baseline | Early security/evidence/ops model replaced. |
| `pack-04.md` | Superseded baseline | Early release control model replaced. |
| `pack-05.md` | Superseded baseline | Transitional admin/integration moves replaced. |
| `pack-06.md` | Superseded baseline | Ops structure replaced by packs 15 and 22. |
| `pack-07.md` | Superseded baseline | Security model replaced by packs 19 and 22. |
| `pack-08.md` | Superseded baseline | Historical reference only. |
| `pack-09.md` | Superseded baseline | Settings migration draft replaced. |
| `pack-10.md` | Active partial authority | Integrations/feeds/airgap detail where not overridden. |
| `pack-11.md` | Superseded baseline | Replaced by packs 12-22. |
| `pack-12.md` | Active authority | Release composition deep specification. |
| `pack-13.md` | Active authority | Promotion flow baseline for Releases. |
| `pack-14.md` | Active authority | Run timeline/checkpoint semantics. |
| `pack-15.md` | Active authority | Data Integrity operations model. |
| `pack-16.md` | Active authority | Dashboard v3 canonical model. |
| `pack-17.md` | Active authority | Approvals v2 canonical detail model. |
| `pack-18.md` | Active authority | Environment detail canonical standard. |
| `pack-19.md` | Active authority | Security consolidation baseline. |
| `pack-20.md` | Active authority with override | Evidence consolidation; Trust ownership overridden by 21. |
| `pack-21.md` | Highest-precedence authority | Final admin/integration/settings split and top-level grouping intent. |
| `pack-16.md` | Active authority | Dashboard signal-level model. |
| `pack-17.md` | Active authority | Approvals detail model. |
| `pack-18.md` | Active authority | Environment/topology detail shell standard. |
| `pack-19.md` | Active authority | Security decision model details. |
| `pack-20.md` | Active authority | Evidence chain structure. |
| `pack-21.md` | Active fallback authority | Pre-Pack-22 admin/integration organization details where not overridden. |
| `pack-23.md` | Highest-precedence authority | Platform global menu with Ops/Integrations/Setup consolidation and ownership boundaries. |
| `pack-22.md` | Active authority | IA consolidation baseline and naming model before Platform delta in Pack 23. |
## D) Raw pack usage policy
For sprint planning, use raw packs only through this sequence:
1. Find capability in Section A.
2. Start with listed authoritative pack(s).
3. Open superseded packs only for migration context or missing implementation detail.
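Review bot: Trust & Signing ownership loses its explicit entry in this matrix: the Section B row `Administration -> Trust & Signing` appears only among the Pack 21 era rows, the Section A Evidence row no longer says "authoritative except Trust ownership override", and the `pack-20.md` row in Section C goes from "Active authority with override" to plain "Active authority". Pack 22 still says admin owner mutations remain governed by Administration scopes, so add a Section B row that restates that ownership with its current authoritative pack; otherwise a planner reading only the matrix can conclude that Evidence owns Trust & Signing mutations again. The Topology row in Section A also assigns regions, environments, workflows and gate profiles to Topology, while Pack 23 (highest precedence per Section C) lists Regions & Environments, Workflows & Gates and Gate Profiles under `Platform Setup`; the matrix should say which one owns them.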

View File

@@ -1,266 +1,191 @@
# UI v2 Rewire Multi Sprint Plan (Draft 1)
# UI v2 Rewire Multi Sprint Plan (Draft 2 - Pack 22)
Status: Ready for sprint authoring
Date: 2026-02-18
Source set: `source-of-truth.md`, `authority-matrix.md`, `sprint-planning-guide.md`
Date: 2026-02-20
Source set: `source-of-truth.md`, `authority-matrix.md`, `sprint-planning-guide.md`, `S00_endpoint_contract_ledger_v2_pack22.md`
## Scope and intent
This is the first implementation decomposition for the v2 UI rewire.
It is designed for many execution sprints with clear dependencies and parallel lanes.
This plan decomposes the Pack 22 advisory into execution sprints with explicit backend dependency ordering.
Precedence rule: higher pack number wins for overlap.
## Mandatory contract workflow (all sprints)
For each screen in sprint scope, classify backend readiness:
- `EXISTS_COMPAT`
- `EXISTS_ADAPT`
- `MISSING_NEW`
Each sprint must produce a contract ledger with:
- screen
- required behavior
- current endpoint candidate
- status class
- auth scope impact
- schema delta
- owner module
Each sprint must produce or update a contract ledger with:
- screen,
- required behavior,
- current endpoint candidate,
- status class,
- auth scope impact,
- schema delta,
- owner module.
## Wave map
| Wave | Sprints | Goal |
| --- | --- | --- |
| Wave 0 | S00 | Freeze final spec and remove residual ambiguity |
| Wave 1 | S01, S02, S03 | Navigation shell and foundational admin/integration/ops taxonomy |
| Wave 2 | S04, S05, S06, S07 | Release core (bundles, promotions, approvals, runs) |
| Wave 3 | S08, S09, S10, S11 | Dashboard, env standardization, security and evidence consolidation |
| Wave 4 | S12, S13 | Migration cutover, redirects, QA hardening, release readiness |
| Wave 0 | S22-00 | Freeze Pack 22 canonical doc set and contract baseline |
| Wave 1 | S22-01, S22-02, S22-03 | Backend dependencies and DB migrations |
| Wave 2 | S22-04, S22-05 | FE nav shell and Releases consolidation |
| Wave 3 | S22-06, S22-07, S22-08 | Topology/Operations, Security/Evidence, Integrations/Admin alignment |
| Wave 4 | S22-09, S22-10 | Redirect cutover, Playwright conformity, release readiness |
## Sprint catalog
### S00 - Spec freeze and unresolved gaps
- Canonical packs: 21, 19, 20
- Goal: lock unresolved model gaps before feature implementation starts.
### S22-00 - Spec freeze for Pack 22
- Canonical packs: 22 (+ fallback packs per authority matrix)
- Goal: lock naming, ownership, and route intent before further implementation.
- Primary outputs:
- final `Advisory Sources` screen spec (Security and Risk)
- final rule for Release Control-owned capability rendering (shortcut vs nested)
- final Trust ownership transition policy (Administration owner, Evidence consumer)
- final route deprecation map baseline
- Contract work:
- start global endpoint ledger, initial status for all top-level screens.
- updated `source-of-truth.md`
- updated `authority-matrix.md`
- Pack 22 contract ledger baseline
- Dependencies: none.
- Parallelism: blocks S01-S03 start for any unresolved ownership topic.
### S01 - Nav shell and route framework
- Canonical packs: 21, 16
- Goal: create stable shell for new IA without breaking existing behavior.
- Working directory (implementation): `src/Web/StellaOps.Web`
### S22-01 - Backend context and releases read models (dependency sprint)
- Canonical packs: 22, 12, 13, 14, 17
- Working directory (implementation): `src/Platform/StellaOps.Platform.WebService`
- Goal: deliver global context and releases v2 contracts with DB backing.
- Primary outputs:
- root nav groups aligned to canonical IA
- breadcrumb updates and migration labels
- route alias skeleton for staged cutover
- Contract work:
- ledger for nav-linked routes and their current API assumptions.
- Dependencies: S00.
- Parallelism: can run with S02 and S03 after S00 decisions are frozen.
- `/api/v2/context/*`
- `/api/v2/releases/*` (list/detail/activity/approvals queue)
- DB migrations `047_*.sql`, `048_*.sql`
- Dependencies: S22-00.
### S02 - Administration and Integrations restructuring
- Canonical packs: 21, 10
- Goal: move settings-heavy capability into Administration and Integrations model.
- Working directory (implementation): `src/Web/StellaOps.Web`
### S22-02 - Backend topology inventory contracts (dependency sprint)
- Canonical packs: 22, 18
- Working directory (implementation): `src/Platform/StellaOps.Platform.WebService`
- Goal: deliver Topology APIs and inventory projections.
- Primary outputs:
- Admin A0-A7 routing and page ownership
- Integrations taxonomy and detail flow alignment
- Security Data split wiring (Integrations + Platform Ops + Security)
- Contract work:
- classify admin and integration endpoints; identify missing APIs for advisory source health and impact mapping.
- Dependencies: S00, S01.
- Parallelism: can run with S03.
- `/api/v2/topology/*`
- DB migration `049_*.sql`
- Dependencies: S22-00.
### S03 - Platform Ops and Data Integrity foundation
- Canonical packs: 15, 21, 10
- Goal: establish Data Integrity as the operational truth source.
- Working directory (implementation): `src/Web/StellaOps.Web`
### S22-03 - Backend security disposition contracts (dependency sprint)
- Canonical packs: 22, 19
- Working directory (implementation): `src/Platform/StellaOps.Platform.WebService`
- Goal: consolidate findings/disposition/SBOM contracts for Security.
- Primary outputs:
- Data Integrity overview and subviews
- ops links from dashboard/approvals/security placeholders
- feeds/airgap ops alignment with integrations view
- Contract work:
- classify freshness, job health, ingest, DLQ, and integration connectivity APIs.
- Dependencies: S00, S01.
- Parallelism: can run with S02.
- `/api/v2/security/findings`
- `/api/v2/security/disposition`
- `/api/v2/security/sbom-explorer`
- DB migration `050_*.sql`
- Dependencies: S22-00.
### S04 - Bundle organizer and bundle lifecycle
- Canonical packs: 12, 21
- Goal: implement bundle-first model for release inputs.
### S22-04 - FE nav shell migration
- Canonical packs: 22, 16
- Working directory (implementation): `src/Web/StellaOps.Web`
- Goal: migrate root IA and top-bar global context controls.
- Primary outputs:
- bundle catalog/detail/builder flow
- component version selection and config contract steps
- materialize to environment flow shell
- Contract work:
- classify component inventory, digest mapping, changelog, and materialization APIs.
- define new schemas where missing (`MISSING_NEW`).
- Dependencies: S00, S01, S02.
- Parallelism: can start before S05.
- root route rename to canonical Pack 22 modules
- sidebar and breadcrumbs updated
- temporary legacy alias redirects
- Dependencies: S22-01 for context contract.
### S05 - Releases promotion flow (bundle-version anchored)
- Canonical packs: 13
- Goal: convert release flow to immutable bundle-version promotions.
### S22-05 - FE Releases module consolidation
- Canonical packs: 22, 12, 13, 14, 17
- Working directory (implementation): `src/Web/StellaOps.Web`
- Goal: collapse release lifecycle surfaces into Releases module.
- Primary outputs:
- promotions list and create wizard
- release detail and gate summary model
- links to run timeline, approvals, evidence snapshots
- Contract work:
- classify promotion creation/status/history APIs and gate evaluation contracts.
- Dependencies: S04.
- Parallelism: can run with S06 once S04 contracts are stable.
- Releases list/detail/activity/approvals queue
- old standalone runs/deployments/promotions/hotfix routes redirected
- Dependencies: S22-01.
### S06 - Approvals v2 decision cockpit
- Canonical packs: 17, 13
- Goal: make approvals self-sufficient for decisioning.
### S22-06 - FE Topology and Operations boundary alignment
- Canonical packs: 22, 18, 15
- Working directory (implementation): `src/Web/StellaOps.Web`
- Goal: move inventory pages to Topology and keep runtime state in Operations.
- Primary outputs:
- approvals queue v2
- approval detail tabs (overview, gates, security, reachability, ops/data, evidence, replay, history)
- consistent cross-links to Security/Evidence/Ops/Release Control
- Contract work:
- classify approval packet, gate trace, decision action, and evidence retrieval APIs.
- Dependencies: S05 and S03 baseline availability.
- Parallelism: partial overlap with S07 allowed.
- Topology module pages
- Operations cleanup after agent/inventory migration
- Dependencies: S22-02.
### S07 - Run timeline, checkpoints, rollback and replay context
- Canonical packs: 14
- Goal: provide auditable execution timeline for each promotion run.
### S22-07 - FE Security consolidation
- Canonical packs: 22, 19
- Working directory (implementation): `src/Web/StellaOps.Web`
- Goal: implement Risk Overview + Findings + Disposition + SBOM Explorer.
- Primary outputs:
- run timeline page
- step detail with logs/artifacts/evidence capture points
- rollback and rerun controls with safe gating
- Contract work:
- classify run-step logs/artifact/retry/rollback APIs and permissions.
- Dependencies: S05.
- Parallelism: can run with S06.
- consolidated Security routes and nav
- disposition UX that composes VEX + Exceptions data
- Dependencies: S22-03.
### S08 - Dashboard v3 mission board
- Canonical packs: 16
- Goal: upgrade dashboard to release-risk mission board.
### S22-08 - FE Evidence/Integrations/Admin alignment
- Canonical packs: 22, 20, 10, 21
- Working directory (implementation): `src/Web/StellaOps.Web`
- Goal: align evidence links, feed/vex source setup placement, and admin boundaries.
- Primary outputs:
- env risk panel (`CritR`, SBOM freshness, B/I/R coverage)
- nightly/data integrity signal cards
- fast drilldowns to approvals/releases/security/ops
- Contract work:
- classify aggregated dashboard endpoints and freshness metadata contracts.
- Dependencies: S03, S05, S06.
- Parallelism: can run with S09.
- evidence cross-links from releases/security/approvals
- integrations feed/vex source setup placement
- trust posture links with admin-owner mutations preserved
- Dependencies: S22-01 and S22-03.
### S09 - Environment detail standardization
- Canonical packs: 18
- Goal: unify environment decision state in one screen shell.
### S22-09 - Route deprecation and redirect cutover
- Canonical packs: 22 plus affected domain packs
- Working directory (implementation): `src/Web/StellaOps.Web`
- Goal: preserve deep links while switching canonical roots.
- Primary outputs:
- standard env header
- tabs for deploy, SBOM/findings, reachability, inputs, promotions/approvals, data confidence, evidence
- canonical deep links into bundle/run/security/evidence pages
- Contract work:
- classify environment-scoped status and evidence APIs.
- Dependencies: S03, S04, S05.
- Parallelism: can run with S08 and S10.
- full redirect map and telemetry
- breadcrumb compatibility labels
- Dependencies: S22-04 to S22-08.
### S10 - Security and Risk consolidation
- Canonical packs: 19, 21
- Goal: implement decision-first Security model with advisory-source split.
- Working directory (implementation): `src/Web/StellaOps.Web`
- Primary outputs:
- risk overview, findings explorer/detail, vulnerabilities explorer/detail
- SBOM lake/graph placement, VEX, exceptions
- Advisory Sources screen per S00 finalized spec
- Contract work:
- classify findings/vuln/vex/exception/advisory-source APIs and filtering contracts.
- Dependencies: S00, S03, S08.
- Parallelism: can run with S11 once cross-link contracts stabilize.
### S22-10 - E2E conformity and release readiness
### S11 - Evidence and Audit consolidation
- Canonical packs: 20 with 21 trust override
- Goal: implement evidence chain navigation and audit retrieval model.
- Working directory (implementation): `src/Web/StellaOps.Web`
- Primary outputs:
- evidence home router
- evidence packs, bundles, export center, proof chains, replay/verify, audit log
- Trust links to Administration-owned surface
- Contract work:
- classify evidence pack/bundle/export/proof/replay/audit APIs and ownership boundaries.
- Dependencies: S00, S05, S06.
- Parallelism: can run with S10.
### S12 - Migration and redirect cutover
- Canonical packs: 21 plus affected domain packs
- Goal: make IA migration safe for existing users and links.
- Working directory (implementation): `src/Web/StellaOps.Web`
- Primary outputs:
- full redirect map for legacy settings and historical aliases
- breadcrumb and legacy-name compatibility labels
- deprecation telemetry hooks
- Contract work:
- no new domain APIs expected; verify alias routes and fallback behaviors.
- Dependencies: S01-S11 (or at least all impacted route owners).
- Parallelism: mostly late-phase integration sprint.
### S13 - E2E QA hardening and release readiness
- Canonical packs: all active authority packs
- Goal: prove end-to-end behavior against final IA and contracts.
- Working directory (implementation): `src/Web/StellaOps.Web`
- Goal: prove behavior against Pack 22 and fallback pack details.
- Primary outputs:
- route and workflow E2E coverage for all root domains
- accessibility and regression checks for nav and critical workflows
- Playwright route and interaction evidence
- screenshot pack for auditor handoff
- final contract ledger closure report
- Contract work:
- verify all screens have final status not `MISSING_NEW`.
- Dependencies: S02-S12 completion candidates.
- Parallelism: can stage as rolling QA, but final signoff occurs last.
- Dependencies: S22-04 to S22-09.
## Cross-module backend ownership map (planning)
These modules are likely to receive backend contract work during implementation sprints:
These modules are expected to receive backend contract work during Pack 22 migration:
- `src/Platform/`
- `src/ReleaseOrchestrator/`
- `src/Policy/`
- `src/Scanner/`
- `src/Integrations/`
- `src/EvidenceLocker/`
- `src/Attestor/`
- `src/Signer/`
- `src/Integrations/`
- `src/Scanner/`
- `src/Orchestrator/`
- `src/Scheduler/`
- `src/Authority/`
Each sprint that touches these must include explicit cross-module allowance in its sprint file.
## Initial sequencing recommendation
1. Execute S00 to remove final ambiguity.
2. Run S01 + S02 + S03 in parallel.
3. Start release core S04 -> S05, then branch into S06 and S07.
4. Run S08 + S09 + S10 + S11 as parallel domain upgrades.
5. Finish with S12 migration cutover and S13 final QA signoff.
1. Complete S22-00 documentation freeze.
2. Execute S22-01, S22-02, S22-03 as backend dependency lane.
3. Start FE with S22-04 and S22-05 after S22-01 API availability.
4. Run S22-06, S22-07, S22-08 with dependency gating.
5. Finish with S22-09 migration cutover and S22-10 QA signoff.
## Proposed sprint filename seeds (for `docs/implplan` authoring)
- `SPRINT_20260218_001_DOCS_ui_v2_rewire_spec_freeze.md` (S00)
- `SPRINT_20260218_002_FE_ui_v2_rewire_nav_shell.md` (S01)
- `SPRINT_20260218_003_FE_ui_v2_rewire_admin_integrations.md` (S02)
- `SPRINT_20260218_004_FE_ui_v2_rewire_platform_ops_data_integrity.md` (S03)
- `SPRINT_20260218_005_FE_ui_v2_rewire_bundle_lifecycle.md` (S04)
- `SPRINT_20260218_006_FE_ui_v2_rewire_releases_promotions.md` (S05)
- `SPRINT_20260218_007_FE_ui_v2_rewire_approvals_v2.md` (S06)
- `SPRINT_20260218_008_FE_ui_v2_rewire_run_timeline.md` (S07)
- `SPRINT_20260218_009_FE_ui_v2_rewire_dashboard_v3.md` (S08)
- `SPRINT_20260218_010_FE_ui_v2_rewire_environment_detail.md` (S09)
- `SPRINT_20260218_011_FE_ui_v2_rewire_security_consolidation.md` (S10)
- `SPRINT_20260218_012_FE_ui_v2_rewire_evidence_audit_consolidation.md` (S11)
- `SPRINT_20260218_013_FE_ui_v2_rewire_migration_redirects.md` (S12)
- `SPRINT_20260218_014_FE_ui_v2_rewire_release_readiness_qa.md` (S13)
Note: creation of official sprint files is intentionally deferred until write scope includes `docs/implplan`.
- `SPRINT_20260220_018_Platform_pack22_backend_contracts_and_migrations.md` (S22-01 + S22-02 + S22-03 baseline)
- `SPRINT_20260220_019_FE_pack22_ia_rewire_and_route_migration.md` (S22-04 + S22-05 baseline)
- `SPRINT_20260220_020_FE_pack22_releases_security_detailed_workbench.md` (incremental extension of S22-06/S22-07 scope)
- `SPRINT_20260220_021_FE_pack22_run_centric_releases_platform_scope.md` (run-centric extension across S22-06 to S22-08 scope)
- `SPRINT_20260220_022_FE_pack22_run_detail_provenance_contract.md` (run-detail contract hardening extension)
- `SPRINT_20260220_023_Platform_pack22_run_detail_backend_provenance_companion.md` (backend companion dependency for sprint 022)
- `SPRINT_20260220_024_FE_pack22_redirect_cutover.md` (S22-09 target)
- `SPRINT_20260220_025_FE_pack22_release_readiness_qa.md` (S22-10 target)
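Review bot: The backend dependency lane (S22-01 to S22-03) covers `/api/v2/context/*`, `/api/v2/releases/*`, `/api/v2/topology/*`, three `/api/v2/security/*` endpoints and migrations `047` to `050`, but Pack 22 section 7 also requires `/api/v2/evidence/*`, `/api/v2/integrations/*`, `/api/v2/operations/*` and `051_IntegrationSourceHealth.sql`, and no sprint in the catalog owns them. S22-08 depends only on S22-01 and S22-03, so it can be closed without the integrations source-health backing; add a backend sprint (or extend S22-03) and list it as a dependency of S22-06 and S22-08. The per-sprint "Contract work" items are also gone, including the earlier final-QA check that no screen is left at `MISSING_NEW`; carry that check into the S22-10 primary outputs so the contract ledger closure report has a pass condition.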

View File

@@ -0,0 +1,231 @@
# Pack 22 - Release-First IA Consolidation Advisory
Status: Active authority (partially superseded by Pack 23 for Platform IA)
Date: 2026-02-20
Precedence: Overrides `pack-21.md` and lower packs for overlapping IA, naming, and ownership decisions. Pack 23 supersedes Pack 22 for Platform menu placement and Ops/Integrations/Setup ownership boundaries.
## 1) Intent
- Reframe IA around Stella Ops core loop:
- Release -> Gate (security + ops) -> Promote/Deploy -> Evidence -> Audit/Replay.
- Remove duplicated menus that represent the same lifecycle object from different angles.
- Keep backend semantics strict:
- release identity is immutable and digest-first,
- workflow/run/deployment/promotion are execution artifacts of a release.
## 2) Canonical mental model
- Release (formerly Bundle): immutable unit of change, identified by digest and metadata.
- Workflow/Pipeline: policy and orchestration template.
- Run: workflow execution instance for a release and context.
- Promotion: environment transition.
- Deployment: apply release to targets/runtimes.
- Hotfix: release type with expedited gate defaults (not a separate product root).
## 3) Canonical global navigation
Top-level modules:
1. Dashboard
2. Releases
3. Security
4. Evidence
5. Topology
6. Operations
7. Integrations
8. Administration
Persistent top bar context:
- Search
- Region multi-select
- Environment multi-select (scoped by selected regions)
- Time window selector
- Status indicators (offline/feed/policy/evidence)
## 4) Consolidation rules
- `Bundle` term is deprecated in UI:
- use `Release`.
- `Create Bundle` becomes:
- `Create Release`.
- `Current Release` action label becomes:
- `Deploy Release`.
- The following become views inside `Releases` and are not standalone modules:
- Runs,
- Deployments,
- Promotions,
- Hotfixes.
- `Regions & Environments` is not daily navigation:
- global context lives in top bar,
- inventory/setup lives under `Topology`.
- Security surface is consolidated:
- Overview,
- Triage,
- Advisories & VEX,
- Supply-Chain Data.
- `Disposition` is a UX concept embedded in triage/detail:
- Effective VEX,
- Waivers/Exceptions,
- Policy Gate Trace.
- VEX/advisory feed configuration belongs to `Integrations`, not Security.
## 5) Canonical module surfaces
### Dashboard
- Mission control posture:
- deploying now,
- blocked promotions,
- hotfix lane,
- risk posture,
- evidence posture.
- Quick actions:
- Create Release,
- Create Hotfix,
- Approvals Queue,
- Export Evidence,
- Replay decision capsule.
### Releases
- Releases List (standard + hotfix in one list).
- Release Detail tabs:
- Overview,
- Timeline,
- Deploy,
- Security,
- Evidence,
- Audit.
- Approvals Queue (cross-release).
- Activity (cross-release runs timeline).
### Security
- Overview:
- blocker-first posture,
- freshness/confidence,
- expiring waivers and conflicts.
- Triage:
- single dataset with pivots and facets,
- sticky evidence rail (`Why`, `SBOM`, `Reachability`, `Effective VEX`, `Waiver`, `Policy Trace`, `Export`).
- Advisories & VEX:
- provider health,
- VEX library,
- conflicts and resolution,
- issuer trust.
- Supply-Chain Data:
- SBOM Viewer,
- SBOM Graph,
- SBOM Lake,
- Reachability coverage,
- Coverage/Unknowns.
- Reports:
- optional route family,
- evidence export handoff remains owned by `Evidence`.
### Evidence
- Audit Log.
- Evidence Packs:
- Export Center,
- Proof Chains,
- Replay and Verify.
- Trust and Signing:
- user-facing trust posture can be reached here,
- admin owner mutations remain governed by Administration scopes.
### Topology
- Regions.
- Environments.
- Targets and Hosts.
- Agents.
- Promotion Paths.
- Workflows.
- Gate Profiles.
Implementation update (2026-02-20):
- Dedicated operator pages now back canonical Topology routes:
- `/topology/overview`,
- `/topology/regions` + `/topology/environments` (region-first + flat/graph views),
- `/topology/environments/:environmentId/posture` (topology-first tabs),
- `/topology/targets`,
- `/topology/hosts`,
- `/topology/agents`,
- `/topology/promotion-paths`.
- Generic inventory fallback remains only for non-primary Topology routes (`/topology/workflows`, `/topology/gate-profiles`).
- Region/environment global multi-select filters propagate as comma-joined query scope on Topology reads.
### Operations
- Platform Health.
- Orchestrator and Jobs.
- Scheduler.
- Data Integrity.
- Offline Kit.
- Quotas and Limits.
### Integrations
- Registries.
- SCM.
- CI/CD.
- Hosts/Targets connectors.
- Secrets.
- Advisory feeds.
- VEX sources/feeds.
- Integration Health.
- Integration Activity.
### Administration
- Identity and Access.
- Tenants and Branding.
- Notifications.
- Usage and Limits.
- Policy Governance.
- System.
## 6) Old-to-new mapping (route/module intent)
| Legacy intent | New canonical placement |
| --- | --- |
| `Release Control` root | Split into `Releases` + `Topology` |
| `Bundles` | `Releases` (rename Bundle -> Release) |
| `Promotions` | `Releases -> Release Detail -> Timeline` and `Releases -> Activity` |
| `Deployments` | `Releases -> Release Detail -> Deploy` and `Releases -> Activity` |
| `Run Timeline` | `Releases -> Activity` and `Release Detail -> Timeline` |
| `Hotfixes` | `Releases` filter/type + Dashboard hotfix lane |
| `Regions & Environments` menu | Top bar context + `Topology` inventory |
| `Security & Risk -> VEX` and `Exceptions` | `Security -> Triage` disposition rail + `Security -> Advisories & VEX` |
| `Security -> SBOM Graph` and `SBOM Lake` | `Security -> Supply-Chain Data` tabs |
| `Security -> Advisory Sources` config | `Integrations` feeds and source setup |
| `Platform Ops -> Agents` | `Topology -> Agents` |
## 7) Backend dependency directives
- Add/extend v2 contract namespaces for canonical modules:
- `/api/v2/context/*`,
- `/api/v2/releases/*`,
- `/api/v2/topology/*`,
- `/api/v2/security/*`,
- `/api/v2/evidence/*`,
- `/api/v2/integrations/*`,
- `/api/v2/operations/*`.
- Keep legacy aliases during migration window (`/api/v1/*` and domain legacy paths) with explicit deprecation telemetry.
- Required DB migration families (Platform release DB sequence continues after `046_TrustSigningAdministration.sql`):
- `047_GlobalContextAndFilters.sql`,
- `048_ReleaseReadModels.sql`,
- `049_TopologyInventory.sql`,
- `050_SecurityDispositionProjection.sql`,
- `051_IntegrationSourceHealth.sql`.
## 8) Planning acceptance gates
- Canonical docs (`source-of-truth.md`, `authority-matrix.md`, contract ledger) updated before sprint execution.
- Every new screen/route has endpoint classification:
- `EXISTS_COMPAT`,
- `EXISTS_ADAPT`,
- `MISSING_NEW`.
- Backend migrations are listed in sprint completion criteria before FE route cutover tasks can be marked done.
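
Review bot: In section 7, the directive to keep `/api/v1/*` and domain legacy paths alive during the migration window does not say that the aliases must enforce the same auth scopes as the `/api/v2/*` routes they front, and the window has no end condition. Suggest adding a line that legacy aliases resolve through the same authorization checks as their v2 targets, plus a removal criterion tied to the deprecation telemetry. The section 8 gates currently cover only docs, endpoint classification and migrations, so scope parity for aliases would be worth adding there as well.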

View File

@@ -0,0 +1,85 @@
# Pack 23 - Platform Global Ops/Integrations/Setup Advisory Delta
Status: Active high-precedence authority for Platform IA and ownership
Date: 2026-02-20
Precedence: Overrides `pack-22.md` and lower packs for overlapping Platform navigation, ownership, and operator workflow behavior.
## 1) Intent
- Make `Platform` a global root and consolidate operability into one module shell.
- Keep three explicit Platform subdomains:
- `Ops`,
- `Integrations`,
- `Setup`.
- Reduce cognitive load by consolidating operations surfaces around decision impact.
## 2) Canonical Platform model
### 2.1 Platform as global root
- `Platform` is a top-level module.
- `Integrations` and `Setup` are no longer separate top-level roots.
- Canonical IA under Platform:
- `/platform/ops/*`
- `/platform/integrations/*`
- `/platform/setup/*`
### 2.2 Ops workflow priority
Ops primary workflows:
1. `Data Integrity`
2. `Jobs & Queues`
3. `Health & SLO`
Ops secondary tools:
- `Feeds & Airgap`
- `Quotas & Limits`
- `Diagnostics`
### 2.3 Ownership boundaries
- `Topology` owns hosts/targets/agents management.
- `Platform Integrations` owns external systems only:
- Registries,
- SCM,
- CI/CD,
- Runtimes / Hosts (connectors only),
- Advisory sources,
- VEX sources,
- Secrets.
- `Platform Setup` owns inventory and orchestration setup:
- Regions & Environments,
- Promotion Paths,
- Workflows & Gates,
- Gate Profiles,
- Release Templates.
- Feed Policy,
- Defaults & Guardrails.
## 3) Degraded/offline UX contract
Platform operator views must provide:
- explicit decision impact label (`BLOCKING`, `DEGRADED`, `INFO`),
- retry controls,
- copyable correlation ID,
- last-known-good/read-only context when live dependencies degrade.
## 4) Route mapping directives
- Keep legacy aliases for migration safety:
- `/integrations/*` -> `/platform/integrations/*`
- `/platform-ops/*` and `/operations/*` -> `/platform/ops/*`
- Legacy hosts/targets integration links must redirect to Topology:
- `/platform/integrations/hosts` -> `/topology/hosts`
- `/platform/integrations/targets*` -> `/topology/targets`
## 5) Planning and QA gates
- Platform nav and submenus reflect the Ops/Integrations/Setup split.
- Integrations screens do not present hosts/targets/agents as managed integration categories.
- Integrations include `Runtimes / Hosts` as connector category while inventory ownership remains in Topology.
- Setup routes render setup-owned pages, including `Feed Policy`, `Gate Profiles`, and `Defaults & Guardrails`.
- Focused FE route/nav/platform tests pass for changed surfaces before sprint closure.
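
Review bot: Section 4 redirects `/platform-ops/*` wholesale to `/platform/ops/*`, but section 2.3 gives hosts/targets/agents management to `Topology`, and the Pack 22 mapping places `Platform Ops -> Agents` at `Topology -> Agents`, so a legacy agents link under the blanket rule would land in Ops rather than Topology. Suggest an explicit agents redirect next to the hosts/targets ones, and stating whether `/platform/integrations/targets*` preserves the sub-path or collapses every deep link to `/topology/targets`. Minor style point: in 2.3 the `Platform Setup` list ends `Release Templates.` with a period although `Feed Policy,` and `Defaults & Guardrails.` follow it.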

View File

@@ -1,25 +1,40 @@
# Pack Conformity Diff - 2026-02-20 (UTC)
Status: Historical baseline for pre-Pack-22 structure.
Pack 22 (`docs/modules/ui/v2-rewire/pack-22.md`) supersedes this conformity scope for IA decisions.
Do not treat this file as final conformity evidence for current canonical planning.
## Scope
- Source packs reviewed: `docs/modules/ui/v2-rewire/pack-01.md` through `docs/modules/ui/v2-rewire/pack-21.md`.
- Effective precedence rule: higher pack number wins where behavior is refined in later packs.
- Conformity harness: `src/Web/StellaOps.Web/tests/e2e/pack-conformance.scratch.spec.ts`.
- UI run mode for clean routing: Angular dev server on `https://127.0.0.1:4410` with empty proxy config (no `/integrations` or `/platform` path capture).
- UI run mode: Angular dev server on `https://127.0.0.1:4410` (no proxy config).
## Evidence
- Command:
`npx ng serve --configuration development --port 4410 --host 127.0.0.1 --ssl --proxy-config proxy.playwright-empty.json`
`npx ng serve --configuration development --port 4410 --host 127.0.0.1 --ssl`
- Command:
`PLAYWRIGHT_BASE_URL=https://127.0.0.1:4410 PACK_CONFORMANCE_FILTER='pack-19.*exceptions' npx playwright test tests/e2e/pack-conformance.scratch.spec.ts`
- Command:
`PLAYWRIGHT_BASE_URL=https://127.0.0.1:4410 npx playwright test tests/e2e/pack-conformance.scratch.spec.ts`
- Command:
`PLAYWRIGHT_BASE_URL=https://127.0.0.1:4400 npx playwright test tests/e2e/pack-conformance.scratch.spec.ts --workers=1`
- Command:
`PACK_CONFORMANCE_FILTER='security' PACK_SCREENSHOT_DIR='docs/qa/security-advisory-rebuild-2026-02-20' npx playwright test tests/e2e/pack-conformance.scratch.spec.ts`
- Result:
`61` canonical pack route checks executed, `60` conformant, `1` mismatch.
Filtered Pack 19 exceptions run passed (`1` test, `0` failures). Full conformance sweep passed (`1` test, `0` failures; all `61` canonical route checks matched).
- Result:
Post-audit run passed (`1` test, `0` failures) after aligning conformance expectations to run-centric canonical routes (`/releases/runs`, `/security/triage`, `/evidence/capsules`, `/platform/setup`).
- Result:
Security-focused advisory rebuild check passed (`1` test, `0` failures) with screenshot index at `src/Web/StellaOps.Web/docs/qa/security-advisory-rebuild-2026-02-20/index.csv`.
## Difference Ledger
| Status | Pack File | Pack Section | Canonical Route | Expected UI | Actual UI | Code Reference |
| --- | --- | --- | --- | --- | --- | --- |
| DIFF | `docs/modules/ui/v2-rewire/pack-19.md` | `19.10 Security screen - Exceptions` | `/security-risk/exceptions` | Dedicated "Exceptions" screen for waivers and risk acceptance | Route resolves to Vulnerability Triage artifact screen (`Vulnerability Triage`, `Artifact-first workflow with evidence and VEX-first decisioning`) | `src/Web/StellaOps.Web/src/app/routes/security-risk.routes.ts:103`, `src/Web/StellaOps.Web/src/app/routes/security-risk.routes.ts:107`, `src/Web/StellaOps.Web/src/app/features/triage/triage-artifacts.component.html:4` |
| RESOLVED | `docs/modules/ui/v2-rewire/pack-19.md` | `19.10 Security screen - Exceptions` | `/security-risk/exceptions` | Dedicated "Exceptions" screen for waivers and risk acceptance | Route resolves to dedicated Exceptions dashboard/detail flow (list, detail, approvals) with risk-acceptance vocabulary and evidence/approval context | `src/Web/StellaOps.Web/src/app/routes/security-risk.routes.ts:103`, `src/Web/StellaOps.Web/src/app/features/exceptions/exception-dashboard.component.html:2`, `src/Web/StellaOps.Web/src/app/features/exceptions/exception-detail.component.html:14` |
## Notes
- The remaining gap is functional, not naming-only.
- The mismatch is isolated to the Pack 19 Exceptions requirement.
- All other pack-derived canonical routes in the current matrix conform under the clean run mode above.
- Pack 19 Exceptions mismatch is resolved in compatibility routes.
- Pack 22 remains the active IA authority for current planning and route migration.
- Full `pack-01..pack-21` conformity sweep currently reports no unresolved mismatches.
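
Review bot: The Scope block gives the UI run mode as `https://127.0.0.1:4410`, but the `--workers=1` command in Evidence sets `PLAYWRIGHT_BASE_URL=https://127.0.0.1:4400`, and the `PACK_CONFORMANCE_FILTER='security'` command sets no base URL at all, so the Result lines cannot be tied to one server or build. Suggest recording the base URL for each run (or correcting the port) and pairing each Result with the command that produced it. The post-audit Result also says the run passed after conformance expectations were aligned to the run-centric routes; listing which expectations changed would let a reader tell a UI fix from a test change.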

View File

@@ -1,145 +1,170 @@
# UI v2 Rewire Source of Truth
# UI v2 Rewire Source of Truth
Status: Active
Date: 2026-02-18
Date: 2026-02-20
Working directory: `docs/modules/ui/v2-rewire`
## 1) Hard Rules
## 1) Hard rules
1. For overlapping guidance, higher pack number wins.
2. If a higher pack is partial, keep the latest lower-pack detail for uncovered screens.
3. Inside one pack, interpret in this order: `Now/New location` statements, menu/screen graphs, then ASCII/rationale text.
3. Inside one pack, interpret in this order:
- `Now/New location` statements,
- menu/screen graphs,
- ASCII/rationale text.
4. Canonical planning references must come from this file plus `authority-matrix.md`, not raw packs alone.
5. `pack-23.md` is the active Platform IA override for all conflicts with `pack-22.md` and lower packs.
6. `pack-22.md` remains authority for non-Platform areas unless `pack-23.md` explicitly overrides them.
## 2) Canonical IA (v2)
## 2) Canonical IA (v3)
### 2.1 Root domains
### 2.1 Root modules
Canonical root domains are:
- `Dashboard` (release mission board)
- `Release Control`
- `Security & Risk`
- `Evidence & Audit`
- `Integrations`
- `Platform Ops`
Canonical top-level modules are:
- `Dashboard`
- `Releases`
- `Security`
- `Evidence`
- `Topology`
- `Platform`
- `Administration`
Rationale:
- `Dashboard` is last explicitly upgraded as a release-centric entrypoint in Pack 16.
- Root domain framing is explicit in Pack 21 and remains the governing top-level grouping.
### 2.2 Global context
### 2.2 Ownership decisions resolved by higher-pack precedence
Region and Environment are global context selectors in the top bar, not deep menu nodes.
Required global context controls:
- Search
- Region multi-select
- Environment multi-select scoped to Region selection
- Time window selector
- Status indicators (offline/feed/policy/evidence)
### 2.3 Ownership decisions resolved by precedence
These are authoritative for planning and replace older conflicting placements:
- `Policy Governance` belongs to `Administration` (Pack 21 overrides Packs 5/9/11).
- `Trust & Signing` belongs to `Administration`, with consumption links from Evidence/Security (Pack 21 overrides Packs 9/11/20 on ownership).
- `System` belongs to `Administration` with operational drilldowns into `Platform Ops` (Pack 21 overrides Packs 9/11 alternatives).
- Legacy `Settings -> Security Data` is split:
- source connectivity/freshness in `Integrations` plus `Platform Ops` mirror operations
- advisory impact on gating in `Security & Risk` (Pack 21 mapping).
### 2.3 Domain ownership vs nav rendering
`Releases`, `Approvals`, `Deployments`, `Regions & Environments`, and `Bundles` are Release Control domain capabilities.
If implementation keeps direct nav shortcuts for `Releases`/`Approvals`, treat that as a rendering convenience only. Domain ownership and contracts remain Release Control-owned.
- `Release Control` root is decomposed:
- release lifecycle surfaces move to `Releases`,
- inventory/setup surfaces move to `Topology`.
- `Bundle` is deprecated in operator IA and renamed to `Release`.
- `Runs`, `Deployments`, `Promotions`, and `Hotfixes` are lifecycle views inside `Releases` and not top-level modules.
- `VEX` and `Exceptions` are exposed as one UX concept:
- `Security -> Triage` disposition rail + detail tabs,
- `Security -> Advisories & VEX` for provider/library/conflict/trust operations,
- backend data models remain distinct.
- SBOM, reachability, and unknowns are unified under `Security -> Supply-Chain Data` tabs.
- Advisory feed and VEX source configuration belongs to `Integrations`, not Security.
- `Policy Governance` remains under `Administration`.
- Trust posture must be reachable from `Evidence`, while admin-owner trust mutations remain governed by administration scopes.
## 3) Canonical screen authorities
Use the following packs as the latest valid source per domain.
### 3.1 Release Control + Bundle lifecycle
### 3.1 IA and naming consolidation
Authoritative packs:
- Pack 21 for `Release Control` root positioning and setup/admin migration
- Pack 12 for full Bundle Organizer data model and flows
- Pack 13 for release promotion flows anchored on bundle versions
- Pack 14 for run/timeline, checkpoints, rollback, replay hooks
- Pack 18 for standardized environment detail shell/tabs
Authoritative pack:
Superseded for this domain:
- Packs 1, 4, 8, 11 (historical drafts)
- `pack-22.md`
- `pack-23.md` (highest precedence for Platform ownership and menu placement)
- `pack-22.md`
Superseded for overlapping decisions:
- `pack-21.md` and lower packs for root module grouping and naming.
### 3.2 Dashboard
Authoritative pack:
- Pack 16 (`Dashboard` mission board, env risk + SBOM + hybrid reachability + Nightly/Data signals)
Authoritative packs:
Superseded:
- Packs 1, 4, 8, 11 (dashboard/control-plane variants)
- `pack-22.md` for mission control framing and quick actions.
- `pack-16.md` for detailed dashboard signal widgets where not overridden.
### 3.3 Approvals
### 3.3 Releases
Authoritative packs:
- Pack 17 for upgraded approval queue/detail tabs and decision-ready context
- Pack 13 for base release/approval flow coupling
- `pack-22.md` for consolidation model (`list`, `detail tabs`, `activity`, `approvals queue`).
- `pack-12.md` for release composition/builder details.
- `pack-13.md` for promotion flow semantics.
- `pack-14.md` for timeline/checkpoint/rollback/replay semantics.
- `pack-17.md` for approvals detail depth.
Superseded:
- Packs 1, 4, 8, 13 sections overlapped by Pack 17 detail model
### 3.4 Security & Risk
- Standalone menu treatment from earlier packs where runs/deployments/promotions/hotfixes were separate roots.
### 3.4 Topology
Authoritative packs:
- Pack 19 for consolidated decision-first Security screen model
- Pack 21 for top-level `Advisory Sources` mapping statement
Superseded:
- Packs 3, 7, and earlier security layouts
- `pack-22.md` for module ownership and taxonomy.
- `pack-18.md` for environment detail shell standards reused inside topology-aware views.
Known gap:
- `Advisory Sources` detailed screen spec is not fully expanded in raw packs and must be sprinted as a first planning task.
### 3.5 Evidence & Audit
Authoritative pack:
- Pack 20 for evidence chain structure (`Evidence Home`, packs/bundles/export/proof/replay/audit)
Override:
- `Trust & Signing` ownership moved to `Administration` by Pack 21. Keep bidirectional deep links.
Superseded:
- Packs 3, 9, 11 evidence structures
### 3.6 Platform Ops and data confidence
### 3.5 Security
Authoritative packs:
- Pack 15 for `Data Integrity` operating model and bubble-up wiring
- Pack 10 for feeds/airgap operational screen specifics where still needed
- Pack 21 for top-level Platform Ops taxonomy and admin drilldown links
- `pack-22.md` for consolidation into `Overview`, `Triage`, `Advisories & VEX`, `Supply-Chain Data`, and optional `Reports`.
- `pack-19.md` for decision-first security detail behavior where not overridden.
Superseded:
- Packs 3, 6, 9, 11 operations variants
### 3.7 Integrations
- Earlier split explorer layouts that force separate VEX/Exceptions and separate SBOM roots.
### 3.6 Evidence
Authoritative packs:
- Pack 21 for Integrations taxonomy and settings split
- Pack 10 for hub/detail/add + feed-source operational ties
Superseded:
- Packs 2, 5, 9 integration placement drafts
- `pack-22.md` for evidence navigation framing and release linkage expectations.
- `pack-20.md` for evidence chain structure (packs/export/proof/replay/audit).
### 3.8 Administration
### 3.7 Operations
Authoritative pack:
- Pack 21 (`A0` ... `A7` including Policy, Trust, System)
Authoritative packs:
Superseded:
- Packs 2, 5, 9, 11 admin/settings decompositions
- `pack-23.md` for Platform Ops placement and workflow prioritization.
- `pack-15.md` for data integrity operating model.
- `pack-10.md` for feeds/airgap operational detail where still valid.
### 3.8 Integrations
Authoritative packs:
- `pack-23.md` for Platform Integrations placement and topology ownership split.
- `pack-10.md` and `pack-21.md` for connector detail flows where not overridden.
### 3.9 Administration
Authoritative packs:
- `pack-22.md` for top-level scope.
- `pack-21.md` for detailed A0-A7 screen structure where not overridden.
## 4) Normalized terminology (canonical names)
Use these terms in sprint tickets/specs:
- `Control Plane` -> `Dashboard`
- `Packets` -> `Evidence Packs`
- `Evidence Bundles` remains `Evidence Bundles`
- `Feed Mirror & AirGap Ops` under `Platform Ops` (connectivity still surfaced in `Integrations`)
- `Hybrid Reachability` stays second-class (visible in context views, not a standalone product root)
- `Bundle` -> `Release`
- `Create Bundle` -> `Create Release`
- `Current Release` -> `Deploy Release`
- `Run Timeline` -> `Activity` (cross-release) or `Timeline` (release detail tab)
- `Security & Risk` -> `Security`
- `Evidence & Audit` -> `Evidence`
- `Platform Ops` -> `Platform -> Ops`
- `Integrations` root -> `Platform -> Integrations`
- `Setup` root -> `Platform -> Setup`
- `Regions & Environments` menu -> `Topology` module + global context switchers
## 5) Planning gaps to schedule first
Create early sprints for these spec-completion items before broad implementation starts:
- `Security & Risk -> Advisory Sources` full screen definition and contracts
- final nav rendering decision for Release Control-owned capabilities (direct shortcuts vs strictly nested)
- Trust ownership transition rules between Administration and Evidence workflows (route aliases + breadcrumbs + redirects)
- route deprecation map from legacy `Settings/*` and older aliases to final IA paths
Create first-wave dependency sprints for:
- backend global context contracts and persistence (`Region/Environment` top-bar model),
- releases read-model contracts for list/detail/activity/approvals queue,
- topology inventory contracts and synchronization,
- security disposition aggregation contracts (VEX + Exceptions UX join),
- route deprecation map from `/release-control/*`, `/security-risk/*`, `/evidence-audit/*`, `/platform-ops/*` to canonical paths.
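
Review bot: Section 2.2 says admin-owner trust mutations remain governed by administration scopes, yet the first-wave dependency list in section 5 carries no item for the trust ownership transition (route aliases, breadcrumbs, redirects), so the one access-control boundary this file calls out has no planned work behind it. Suggest keeping a trust transition item in section 5, or naming the owning module and scope in 2.2. Also, 2.1 lists `Platform` as a top-level module while 3.7 and 3.8 are headed `Operations` and `Integrations`, and the route deprecation map omits the `/integrations/*` and `/operations/*` aliases that Pack 23 section 4 defines.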

View File

@@ -1,7 +1,7 @@
# UI v2 Rewire Sprint Planning Guide
# UI v2 Rewire Sprint Planning Guide
Status: Planning-only guidance
Date: 2026-02-18
Date: 2026-02-20
This guide defines how to decompose the canonical redesign into many implementation sprints.
@@ -9,7 +9,7 @@ This guide defines how to decompose the canonical redesign into many implementat
1. `source-of-truth.md`
2. `authority-matrix.md`
3. Authoritative packs for the selected capability area
3. `pack-22.md` plus authoritative fallback packs for selected capability area
4. Current UI/backend implementation (`src/Web/**`, `src/**/WebService/**`) for feasibility and contract checks
Do not start sprint writing from raw pack text alone.
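
Review bot: Reading-order item 3 names `pack-22.md` plus fallback packs, but the source-of-truth hard rules in this same commit make `pack-23.md` the active Platform IA override over `pack-22.md`. Suggest listing `pack-23.md` ahead of `pack-22.md` here, so sprint authors working on Ops, Integrations or Setup do not plan from superseded placement.
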
@@ -18,7 +18,8 @@ Do not start sprint writing from raw pack text alone.
- Higher pack number is authoritative for overlaps.
- Keep redesign deterministic and offline-capable.
- Treat nav placement changes and backend contract changes as separate work items.
- Treat IA route migration and backend contract/migration work as separate tasks.
- Backend dependency sprints (contracts + DB migrations) must complete before FE cutover tasks are marked `DONE`.
- Preserve migration safety with redirect/alias tasks in rollout sprints.
## 3) Recommended multi-sprint decomposition
@@ -27,20 +28,23 @@ Use independent streams so multiple teams can run in parallel.
| Stream | Scope | Primary packs |
| --- | --- | --- |
| `S0-Spec` | close spec gaps and freeze canonical IA terms | `pack-21.md`, `pack-19.md`, `pack-20.md` |
| `S1-NavShell` | root nav structure, route aliases, breadcrumbs, migration banners | `pack-21.md`, `pack-16.md` |
| `S2-ReleaseCore` | bundles, releases, approvals, run timeline | `pack-12.md`, `pack-13.md`, `pack-14.md`, `pack-17.md` |
| `S3-EnvOps` | environment detail + data confidence + ops bubble-up | `pack-18.md`, `pack-15.md`, `pack-16.md` |
| `S4-SecurityEvidence` | Security consolidation + Evidence consolidation + cross-links | `pack-19.md`, `pack-20.md` |
| `S5-AdminIntegrations` | Administration A0-A7, Integrations taxonomy, feeds split | `pack-21.md`, `pack-10.md` |
| `S0-SpecFreeze` | lock canonical IA terms, ownership, endpoint ledger baseline | `pack-22.md`, `source-of-truth.md`, `authority-matrix.md` |
| `S1-BackendFoundation` | global context, releases read models, topology, security disposition, migrations | `pack-22.md`, `S00_endpoint_contract_ledger_v2_pack22.md` |
| `S2-NavShell` | root nav rename and global context top bar | `pack-22.md`, `pack-16.md` |
| `S3-Releases` | release list/detail/activity/approvals consolidation | `pack-22.md`, `pack-12.md`, `pack-13.md`, `pack-14.md`, `pack-17.md` |
| `S4-TopologyOps` | topology module and operations boundary cleanup | `pack-22.md`, `pack-18.md`, `pack-15.md` |
| `S5-SecurityEvidence` | findings/disposition/sbom explorer + evidence linkage | `pack-22.md`, `pack-19.md`, `pack-20.md` |
| `S6-IntegrationsAdmin` | feeds/vex sources config + governance surfaces | `pack-22.md`, `pack-10.md`, `pack-21.md` |
| `S7-CutoverQA` | redirects, deep links, Playwright conformity, release readiness | all active authority packs |
## 4) Endpoint and contract investigation workflow
Backend coverage is incomplete in some areas. Every sprint must include an explicit endpoint contract pass.
Backend coverage is incomplete for Pack 22. Every sprint must include an explicit endpoint contract pass.
### 4.1 For each planned screen, classify backend status
Use one of these states:
- `EXISTS_COMPAT` - endpoint exists and contract matches target UI
- `EXISTS_ADAPT` - endpoint exists but response/request shape or semantics must be adapted
- `MISSING_NEW` - endpoint does not exist and must be specified/implemented
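
Review bot: In the stream table, the `S1-NavShell` row scoped route aliases, breadcrumbs and migration banners together with the nav structure, while `S2-NavShell` covers only the root nav rename and the global context top bar, and redirects first appear in `S7-CutoverQA`. If S2 ships before S7, legacy paths have no owning stream in between; suggest adding aliases to S2's scope or stating that the S2 rename stays unreleased until S7. `S4-TopologyOps` and `S6-IntegrationsAdmin` also omit `pack-23.md` from their primary packs.
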
@@ -51,20 +55,22 @@ Use one of these states:
2. Locate current API client call(s) in UI client layer.
3. Locate backend endpoint(s) across service modules.
4. Compare current contract to target pack behavior.
5. Record status (`EXISTS_COMPAT` / `EXISTS_ADAPT` / `MISSING_NEW`).
6. If `MISSING_NEW`, write a contract task with request/response schema, auth scope, and evidence requirements.
5. Record status (`EXISTS_COMPAT` / `EXISTS_ADAPT` / `MISSING_NEW`) in the ledger.
6. If `MISSING_NEW`, write contract + DB migration tasks with request/response schema, auth scope, and deterministic behavior requirements.
### 4.3 Search anchors (read-only references)
- UI routing and nav:
- `src/Web/StellaOps.Web/src/app/app.routes.ts`
- `src/Web/StellaOps.Web/src/app/layout/app-sidebar/app-sidebar.component.ts`
- `src/Web/StellaOps.Web/src/app/features/**/**.routes.ts`
- `src/Web/StellaOps.Web/src/app/routes/*.ts`
- UI API clients:
- `src/Web/StellaOps.Web/src/app/core/api/*.ts`
- Backend endpoint surfaces:
- `src/**/WebService/Endpoints/*.cs`
- `src/**/Infrastructure/**` for data dependencies
- Platform DB migrations:
- `src/Platform/__Libraries/StellaOps.Platform.Database/Migrations/Release/*.sql`
## 5) Mandatory sprint ticket fields (for every UI feature ticket)
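
Review bot: Step 6 asks for auth scope and deterministic behavior requirements only when the status is `MISSING_NEW`. An `EXISTS_ADAPT` endpoint changes request/response shape or semantics too, which can widen what an existing scope exposes; suggest extending step 6, or adding a step, so `EXISTS_ADAPT` entries also record their auth scope impact in the ledger.
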
@@ -76,6 +82,7 @@ Use this minimum structure in planning docs:
- UI scope: <routes/components>
- Backend contract status: EXISTS_COMPAT | EXISTS_ADAPT | MISSING_NEW
- Endpoint(s): <current or proposed>
- DB migration impact: <existing migration or new migration file>
- Auth scope impact: <new/changed scopes>
- Offline/determinism impact: <none or required behavior>
- Redirect/deprecation impact: <legacy paths>
@@ -84,17 +91,20 @@ Use this minimum structure in planning docs:
## 6) First planning backlog (must be created before build sprints)
1. Spec gap sprint for `Security & Risk -> Advisory Sources` detailed screen model and contracts.
2. Nav migration sprint defining final rendering strategy for Release Control-owned capabilities.
3. Trust ownership transition sprint (Administration owner, Evidence consumer links and redirects).
4. Route alias/deprecation sprint from legacy settings and historical paths.
1. Backend dependency sprint for global context and releases read-model contracts (`/api/v2/context/*`, `/api/v2/releases/*`).
2. Backend dependency sprint for topology inventory contracts (`/api/v2/topology/*`) and migrations.
3. Backend dependency sprint for security disposition contracts (`/api/v2/security/findings`, `/api/v2/security/disposition`).
4. FE nav migration sprint from old roots to `Dashboard/Releases/Security/Evidence/Topology/Operations/Integrations/Administration`.
5. Route alias/deprecation sprint from legacy domains and paths.
## 7) Definition of ready for implementation sprint
A capability is ready only when:
- authoritative pack sections are listed,
- endpoint status is classified for each screen,
- missing contracts are specified,
- DB migrations are identified,
- scope/permission changes are identified,
- migration/redirect handling is scoped,
- test evidence expectations are explicit.
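
Review bot: Backlog item 4 targets `Dashboard/Releases/Security/Evidence/Topology/Operations/Integrations/Administration`, which keeps `Operations` and `Integrations` as roots, while source-of-truth section 2.1 lists `Platform` as the top-level module and its terminology table maps both under it. Suggest aligning the root list with 2.1. Item 5 also leaves "legacy domains and paths" unspecified; naming the path families would make the section 7 check on migration/redirect handling verifiable.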